Securing Your Digital World: Passwords

When it comes to securing yourself in your little digital world, everything revolves around your passwords. Your passwords are the first and major line of defense in securing your personal data, be it email, documents, or even your money. The problem is, most people have fairly insecure passwords, and as a result their “front lines” are weak and easily penetrable. So how do we create secure passwords? What makes a password “secure”? And how many passwords should you have? We will answer all of these very important questions in this article.

Why You Need Secure Passwords

I get asked this a lot when I go off on my diatribe about strong passwords, because people think, “What’s the big deal? Let them read my email.” Well, if someone can get access to your email, they can get hold of a lot of information. Think about it: what goes to your email? Your bank information, PayPal, eBay, personal letters, maybe even personal info like social security numbers and addresses. Also, chances are the password you use for your email is the same one you use on at least a couple of those websites I mentioned. Even if it is not, someone who has your email password can use a site’s “Forgot Password” feature, which emails the password, or a link to change to a new password, to the email address they already have access to. So having a secure password on your email (for starters) is extremely important. You really do not want to stop there; you want as many of your passwords as possible to be secure. Best practice is to have a different password for everything you log into. That can make things difficult to keep track of.

What is a Secure Password

Before we can really recommend that you use a secure password, we really should go over what exactly a “secure” password is. But even before we do that, we must preface this with the following statement: a password is only as secure as the person hiding it. If you tell others your password, it is no longer secure. Also, there is no such thing as a completely secure password. Any password can be cracked given enough time and resources. The real question is, do you want to make it easy for the person trying to get your password or make them work for it?

So with that in mind, a secure password contains the following:

  • A combination of UPPER & lower case letters
  • At least 1 number
  • A special character such as !, %, ^, &, *, >, ~, `, or #
  • A length somewhere between 8 and 14 characters

Now, here is the downside: not all websites out there allow passwords that contain special characters, so the best thing to do in those situations is to use a long password that contains letters and numbers, with the numbers placed throughout the password rather than at the end or at the beginning.

Creating a Secure Password

So with those specifications in mind, how do we go about creating secure passwords that are easy for us to remember? The key is to use a password that really has nothing to do with you; this way a cracker cannot figure it out easily. Fortunately for us, there are a couple of websites that will help us create some secure passwords.

  • PCTools Secure Password Generator: This website allows you to get really specific about your passwords; you can choose several options and interchange them at will. You can also pick a quantity so that you can get more than one password generated at a time.
  • GoodPassword.com: Like the PCTools site, this website allows you to pick from some options for your password, but rather than getting really specific, you get to choose the length and whether or not you want special characters. Also, if you have a favorite password or phrase, you can choose to create a “l33t” password out of that password or phrase. A “l33t” password is a word with some of the letters changed to numbers and special characters. This allows you to have a password you will easily remember, but is slightly more secure.

How Strong is Your Password

If you have some passwords you like, and they already contain numbers and letters in alternating case, you can also check the strength of those passwords online using a couple of tools.

  • Microsoft Password Checker: I will probably take some flak for this, but it doesn’t ask for a user name and it’s done with JavaScript, so it is all client side. Just type in the password and it will tell you its strength.
  • Javascript Password Strength Meter: This one is pretty nifty because it gives your password a score and also a “points” breakdown of why it is strong or weak. Again, it is all client side, so no worries about it going anywhere.

Knowing if you have a secure password can tell you if you need to utilize the password generators. If you have weak passwords, use the password generators to create a few stronger passwords.
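The criteria listed above, together with the letters-and-numbers fallback for sites that reject special characters, can be checked and generated locally. The following Python sketch is an added example, not code from this article or from the sites it mentions; the names `check`, `generate` and `SPECIALS` are assumptions made for illustration, and the random source is Python's standard `secrets` module.

```python
import secrets
import string

SPECIALS = "!%^&*>~`#"    # the special characters the article lists
MIN_LEN, MAX_LEN = 8, 14  # the article's suggested length range


def check(password, allow_specials=True):
    """Return the names of the article's criteria that `password` fails."""
    failures = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        failures.append("length")
    if not any(c.isupper() for c in password):
        failures.append("upper")
    if not any(c.islower() for c in password):
        failures.append("lower")
    if not any(c.isdigit() for c in password):
        failures.append("digit")
    if allow_specials:
        if not any(c in SPECIALS for c in password):
            failures.append("special")
    else:
        # Sites that reject special characters: letters and digits only,
        # with a digit somewhere other than the very beginning or end.
        if not password.isalnum():
            failures.append("charset")
        if not any(c.isdigit() for c in password.strip(string.digits)):
            failures.append("digit-placement")
    return failures


def generate(length=MAX_LEN, allow_specials=True):
    """Draw random passwords from the OS CSPRNG until one meets every rule."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError("length must be between 8 and 14")
    alphabet = string.ascii_letters + string.digits
    if allow_specials:
        alphabet += SPECIALS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check(candidate, allow_specials):
            return candidate


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real account.
    for sample in ("password", "Summer2007", "Tr4v!s9kQ"):
        print(sample, check(sample))
    print(generate(), generate(10, allow_specials=False))
```

Because the check runs on your own machine, the password being tested never leaves it, which is the same property the client-side checkers above are chosen for.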

Password Safes Preview

Like I stated earlier, best practice is to have a different password for everything you log into. That can make things difficult to keep track of. Something that can help you keep track of all these secure passwords would be a big help, right? Well, there are programs out there called password safes that store passwords in an encrypted file so that you can only access the file with a password. We will be going into more detail about password safes next week, so be sure to come back for that.


Big Companies & Open Source

Last week, IBM announced that they would put somewhere around thirty developers on OpenOffice to help improve the product through bug fixes, new features, and collaborating with the OpenOffice team. The reason IBM says they are doing this is because they are seeing wide adoption of OpenOffice and its ODF (Open Document Format) by governments and companies the world over. But what makes this interesting is the fact that IBM is paying employees to work solely on an open source project, giving away features, code, and resources to a project that, long term, makes them next to no money (if any at all). Big Blue seems to be doing this a lot lately. Why would a company do this?

I think that one of the many reasons that IBM has taken steps to help the open source community is because it is a good public relations move on their part. There are a lot of folks out there that support open source in a big way and as such, they support companies that support open source. People in the IT field that are proactive in getting open source into their companies will recommend IBM products because IBM supports their favorite open source projects. Sure, there is probably only a small percentage of folks out there that are really trying to convince their C-people (CEO, CIO, & CFOs) to really integrate Linux and other open source projects into their IT infrastructure, but if you already have the larger percent, why not try to woo the other, smaller audience as well?

Another reason IBM might be doing things like helping OpenOffice and opening up their patent library to the open source community is because they believe in strength in numbers. The idea that someone might do what they did better is not lost on them, and they welcome someone to either do it better or innovate on top of it and come up with something completely new. In the end everyone eventually wins from this kind of behavior. Sure, it is okay to keep some things proprietary (yes, I said that), but in the grand scheme of things, opening up stuff and helping out the open source projects just helps make everything better.

Having IBM help out on the OpenOffice project also gives some much needed credibility to the OpenOffice suite and the ODF file standard. Just recently Microsoft lost its bid for ISO on their latest Office format, OOXML. And with the need for an open standard, ODF seems to be the next logical choice to push. It stands to reason that IBM might just be one of many large IT companies to task programmers with working on OpenOffice. A couple of other companies, such as Red Hat and Novell, are already spending time on it. If IBM starts a trend to get other large IT companies to work on OpenOffice and other open source projects, you could begin to see a wider adoption of OpenOffice and other open source projects.

I think that this is a big step for the OpenOffice project, and I really anticipate what IBM is going to lend to the project and how much better OpenOffice will be as a result.


Power of Information 2007-09-16

This week on the Power of Information, Derek and I discuss digital rights management: what is it, why does it exist, and can you get around it? All this and more on this week’s Power of Information.

You can download this week’s episode here (mp3).

You can hear Power of Information Sundays on KCAA 1050AM in Loma Linda, California at 5pm Pacific Time. You can also download Power of Information in podcast form from our website at http://www.powerofinformation.net. The Power of Information is part of the America First Radio Network.

Special thanks to AngelsEye Inc. for donating the bandwidth to Power of Information. AngelsEye Inc. specializes in corporate branding and promotional marketing. Created to help companies of all sizes promote their own business and events. Visit AngelsEye Inc’s website today. Also, thanks to the band Pushmonkey for supplying music for our program. You can find out more about Pushmonkey and their music at http://www.myspace.com/Pushmonkey.


Consulting Consultants: Introduction & “On the Bench”

Introduction

Last week I started a new job as a Senior Consultant for one of the larger consulting firms here in Houston, Texas. I figured that this might be a great time to start a new weekly topic on consulting. Since I am pretty much a newbie to the consulting world, this would be a great place to post about my experiences in this new job field so that 1) others can share in my experiences and hopefully learn from them and 2) give insight to what I learn as I become a better (hopefully) consultant. I think that others might be able to benefit from my experiences and apply them to their situation. I know that there are a lot of people just like me, starting fresh consulting careers. Either they, like me, worked in a large corporation or they are fresh out of college and new to the IT job world.

On the Bench

Apparently when you are in the consultant world and not on a project (aka not “at a client”), you are known as being “on the bench” or “idle”, and during this time you are most likely at your consulting firm’s office working on updating your resume, talking to account executives (or sales people, the ones that find the projects to put you on), and learning/improving your skill set. The last two are the biggies here. You have to talk to the account executives to 1) let them know you are on the bench and 2) find out what projects exist and let them know you can do what they need, if you can. It is a good practice to be honest about your skill set and let them know if you really cannot perform a specific task that might be expected of you. You do not want to say you can do something when you really cannot; it will only hurt your reputation as well as your company’s. So stay honest.

To seasoned consultants, this might be common knowledge, but many new folks are eager to get on a project and can easily overextend themselves by talking up their skill set. It is better to say you are at a beginner level if that is truly where you are. Your account executives might even have an entry level project that will help you get out of that beginner status on a certain skill. Chances are your firm wants you to become better and will place you on entry level projects if they have them so that you can extend and improve a certain skill set.

So, what if there are no entry level projects and you are on the bench? Well, you can find out what skill sets are needed by talking to the account executives and start studying up on those (we will go over this in more detail in a future post). You can also go over your firm’s documentation. Find out what they expect from someone at your level, see what resources are available to you and utilize them. Hopefully they have supplied you with a nice set of training materials that you can utilize to better yourself. If you can achieve a certification for your skill set, start working on that. The idea is to improve your skill set, because it makes you more marketable, which means less time on the bench and not billing. To be useful to your firm, you need to be billing which means you need to be at a client so that they are paying your firm for your being there.

The Future Looks Bright

As I continue to learn things about consulting and the world in which it exists, you can find tidbits and information here every Thursday. This will probably include some complaining about clients, but that is part of the job; the idea is to learn from that and be better prepared to handle it next time. Hopefully others out there like me can learn from me.
